For me your description looks a bit strange, as for Vladimir.
And I belive that you could share screenshot from your logs, drawing, and antispoofing settings with real IPs because they are internal ones. Or at least change them to something like 10.10.10.X, 20.20.20.X.
I added a new subnet, associated it to a couple of interfaces, and it worked, for a couple of days. Then, traffic to that new subnet began to be dropped because of an anti-spoofing alert.
Antispoofing should be configured in such way:
interface A - subnet1 + subnet2
interface B - subnet4
interface C - NewLan
It would mean that from this interface only traffic from these networks is expected, other traffic will be dropped. So, antispoofing check source IP only on this interface. If you have some asynchronous routing or servers with several interfaces in different networks, this could lead of course to blocking by antispoofing.